Fake Indian Tax Notices Used to Distribute RAT Malware

A malware campaign has emerged that exploits counterfeit Indian Income Tax Department notices to deliver a Remote Access Trojan (RAT). Cybercriminals are using social engineering tactics, including official branding and legal jargon, to lure victims into downloading malicious files. The fake tax-assessment portal is hosted on harivo[.]vip, targeting users in India. Once downloaded, the malware can compromise Windows systems, allowing attackers to gain unauthorized access. This tactic has shown alarming effectiveness, raising concerns among cybersecurity experts. The campaign's current status indicates ongoing threats to individuals and organizations in India. No specific numbers of affected users or systems have been disclosed yet.

Key Points: • Cybercriminals are impersonating the Indian Income Tax Department to distribute malware. • The attack vector involves fake tax assessment notices prompting users to download malicious files. • The campaign is currently active and targets Windows users in India.